Bug ID 706184: Disabling l7dos using LTM policy, and original DoS on the virtual server has no features enabled, connection hangs

Last Modified: Jul 12, 2023

Affected Product(s):
BIG-IP ASM(all modules)

Known Affected Versions:
14.0.0, 14.0.0.1, 14.0.0.2, 14.0.0.3, 14.0.0.4, 14.0.0.5, 14.0.1, 14.0.1.1

Opened: Feb 09, 2018

Severity: 3-Major

Symptoms

Using an LTM policy rule to disable l7dos when the DoS profile on the virtual server contains an application profile with no feature enabled, causes the transaction to hang instead of forwarding the request to server.

Impact

The connection hangs. Requests are not forwarded to server.

Conditions

-- LTM policy with 'disable l7dos' rule. -- DoS profile on a virtual server contains an application profile without any features enabled.

Workaround

Enable any DoS application feature in the DoS profile attached to the virtual server (e.g., bot signatures, proactive bot defense, TPS-based DoS Detection, etc.). The profile can be disabled by default using the LTM rules.

Fix Information

None

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips